Reddit resets 100,000 passwords amid security worries

27 May 2016

Reddit image, via Luke Maxwell

Reddit has taken a proactive step with regards user security, it seems, resetting 100,000 passwords amid news of leaks elsewhere.

The past few days has seen news of the 2012 LinkedIn security breach finally reveal the depths of the hack.

More than 160m accounts were hacked – the original, official claim was just 6.4m, before people selling the data finally revealed all – with a huge amount of ‘change your password, peeps’ emails and articles flying around the web.

That has spooked plenty of people. Incidentally, if you are concerned that your account may have been compromised, pop your email address in here and you’ll find out real quick.

It’s not just users spooked, but companies, too.

In the last fortnight, Reddit has reset 110,000 passwords, “with more to come as we continue to verify and validate that no one except for you is using your account”, the company said.

Those affected have been contacted, with Reddit listing out ways to ensure your password is more secure.

Easy fix

Choose a strong and unique password, and only use it for Reddit. Set and verify an email address and check your activity page. Pretty simple

Reddit also points out throwaway accounts that have no notable history, acting as mere placeholders. “They’ve never posted. They’ve never voted,” reads the statement, noting how primed they are for malicious attacks.

“Shortly, we’re going to start issuing password resets to these accounts and, if we don’t get a reaction in about a month, we’re going to disable them. Please keep an eye out!”

Oh, and in the LinkedIn hack, these were the 10 most common passwords:

  • 123456  (753,305 instances among the breach)
  • Linkedin (172,523)
  • Password (144,458)
  • 123456789 (94,314)
  • 12345678 (63,769)
  • 111111 (57,210)
  • 1234567 (49,652)
  • Sunshine (39,118)
  • Qwerty (37,538)
  • 654321 (33,854)

Gordon Hunt was a journalist with Silicon Republic